Filtered by vendor Everestthemes
Subscriptions
Filtered by product Everest Backup
Subscriptions
Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-62946 | 2 Everestthemes, Wordpress | 2 Everest Backup, Wordpress | 2025-10-28 | 8.8 High |
| Missing Authorization vulnerability in everestthemes Everest Backup everest-backup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Everest Backup: from n/a through <= 2.3.8. | ||||
| CVE-2025-11380 | 2 Everestthemes, Wordpress | 2 Everest Backup, Wordpress | 2025-10-21 | 5.9 Medium |
| The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'everest_process_status' AJAX action in all versions up to, and including, 2.3.5. This makes it possible for unauthenticated attackers to retrieve back-up file locations that can be subsequently accessed and downloaded. This does require a back-up to be running in order for an attacker to retrieve the back-up location. | ||||
| CVE-2025-49238 | 1 Everestthemes | 1 Everest Backup | 2025-06-24 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in everestthemes Everest Backup allows Cross Site Request Forgery. This issue affects Everest Backup: from n/a through 2.3.3. | ||||
| CVE-2023-7201 | 1 Everestthemes | 1 Everest Backup | 2025-05-08 | 6.5 Medium |
| The Everest Backup WordPress plugin before 2.2.5 does not properly validate backup files to be uploaded, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to (for example in multisite setup) | ||||
| CVE-2023-52185 | 1 Everestthemes | 1 Everest Backup | 2024-11-21 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Everestthemes Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin.This issue affects Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin: from n/a through 2.1.9. | ||||
| CVE-2024-10028 | 1 Everestthemes | 1 Everest Backup | 2024-11-08 | 7.5 High |
| The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.13 via the exposed process stats file during the backup process. This makes it possible for unauthenticated attackers to obtain an archive file name and download the site's backup. | ||||
Page 1 of 1.